Published: 24/07/2017 Updated: 26/06/2023

CVSS v2 Base Score: 6.9 | Impact Score: 10 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 615

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

net/xfrm/xfrm_policy.c in the Linux kernel up to and including 4.12.3, when CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users to cause a denial of service (out-of-bounds access) or possibly have unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel

Debian Bug report logs - #875881 linux: CVE-2017-1000251 Package: src:linux; Maintainer for src:linux is Debian Kernel Team <debian-kernel@listsdebianorg>; Reported by: Christoph Anton Mitterer <calestyo@scientianet> Date: Fri, 15 Sep 2017 14:42:01 UTC Severity: critical Tags: confirmed, fixed-upstream, security, ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to privilege escalation, denial of service or information leaks CVE-2017-7518 Andy Lutomirski discovered that KVM is prone to an incorrect debug exception (#DB) error occurring while emulating a syscall instruction A process inside a guest can take advanta ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) b ...

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise MRG 2Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVS ...

Synopsis Important: kernel security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 74 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerabili ...

CWE-125 http://seclists.org/bugtraq/2017/Jul/30 http://www.securityfocus.com/bid/99928 http://www.debian.org/security/2017/dsa-3981 https://source.android.com/security/bulletin/pixel/2017-11-01 http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html https://access.redhat.com/errata/RHSA-2018:2003 https://access.redhat.com/errata/RHSA-2018:1965 https://access.redhat.com/errata/RHSA-2019:1170 https://access.redhat.com/errata/RHSA-2019:1190 https://nvd.nist.gov https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875881 https://www.debian.org/security/./dsa-3981

CVE-2017-11600

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect